Skip to content

chore(deps): bump the production-dependencies group with 4 updates#147

Open
dependabot[bot] wants to merge 1 commit into
stagingfrom
dependabot/pip/staging/production-dependencies-d89138080b
Open

chore(deps): bump the production-dependencies group with 4 updates#147
dependabot[bot] wants to merge 1 commit into
stagingfrom
dependabot/pip/staging/production-dependencies-d89138080b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 12, 2026

Bumps the production-dependencies group with 4 updates: gitpython, phonenumbers, requests and twilio.

Updates gitpython from 3.1.49 to 3.1.50

Release notes

Sourced from gitpython's releases.

3.1.50

What's Changed

New Contributors

Full Changelog: gitpython-developers/GitPython@3.1.49...3.1.50

Commits

Updates phonenumbers from 9.0.29 to 9.0.30

Commits

Updates requests from 2.33.1 to 2.34.0

Release notes

Sourced from requests's releases.

v2.34.0

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
  • Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2340-2026-05-11

Changelog

Sourced from requests's changelog.

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
  • Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)
Commits

Updates twilio from 9.10.5 to 9.10.9

Release notes

Sourced from twilio's releases.

9.10.9

Release Notes

Conversations

  • update actions api visibility

Memory

  • 2026-05-07

  • Content updates:
  • include store api

Docs

9.10.7

Release Notes

Library - Chore

Docs

9.10.6

Release Notes

Library - Chore

Twiml

  • Set recording_configuration_id attribute to public visibility in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Api

  • Add RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints

Authy

  • Changelog

  • v1

  • Added Authy API v1 under /v1 — initial onboarding of Public API (/v1/protected/*), Device API (/v1/json/*), and Dashboard API (/v1/dashboard/*) behind REST Proxy using transparent proxy mode.

Data-ingress

  • 2026-04-21

  • Content updates:
  • Updated description for CreateDataSync
  • Updated description for DeleteCloudAppDataset
  • Updated description for DeleteWarehouseDataset

  • 2026-04-20

  • Minor updates (formatting, metadata)

  • 2026-04-17

  • updated operationId for dataplane APIs,Minor updates (formatting, metadata)

  • 2026-04-15

... (truncated)

Changelog

Sourced from twilio's changelog.

[2026-05-07] Version 9.10.9

Conversations

  • update actions api visibility

Memory

  • 2026-05-07

  • Content updates:
  • include store api

[2026-05-07] Version 9.10.7

Library - Chore

[2026-05-06] Version 9.10.6

Library - Chore

Twiml

  • Set recording_configuration_id attribute to public visibility in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Api

  • Add RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints

Authy

  • Changelog

  • v1

  • Added Authy API v1 under /v1 — initial onboarding of Public API (/v1/protected/*), Device API (/v1/json/*), and Dashboard API (/v1/dashboard/*) behind REST Proxy using transparent proxy mode.

Data-ingress

  • 2026-04-21

  • Content updates:
  • Updated description for CreateDataSync
  • Updated description for DeleteCloudAppDataset
  • Updated description for DeleteWarehouseDataset

  • 2026-04-20

  • Minor updates (formatting, metadata)

  • 2026-04-17

  • updated operationId for dataplane APIs,Minor updates (formatting, metadata)

  • 2026-04-15

  • libraryVisibility to private

  • 2026-04-14

  • Added 1 new path(s):
  • /v1/DataSyncs/Latest (GetLatestDataSyncs)

Memory

  • 2026-04-21

... (truncated)

Commits
  • 82adf8f Release 9.10.9
  • 027bd88 [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 18d7938080...
  • 6c4e1bc chore: add support for delete with response body (#918)
  • 078c7bf [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 e2fda0239d...
  • 58c0008 chore: add init for knowledge (#922)
  • b62862f Release 9.10.6
  • aec1723 [Librarian] Regenerated @ d39d243cf0f072a87b06d80cfd5d04f77cde8481 e2fda0239d...
  • 90bd2e0 new api udpates (#921)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the production-dependencies group with 4 updates
58ef236 
Bumps the production-dependencies group with 4 updates: [gitpython](https://github.com/gitpython-developers/GitPython), [phonenumbers](https://github.com/daviddrysdale/python-phonenumbers), [requests](https://github.com/psf/requests) and [twilio](https://github.com/twilio/twilio-python).


Updates `gitpython` from 3.1.49 to 3.1.50
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.49...3.1.50)

Updates `phonenumbers` from 9.0.29 to 9.0.30
- [Commits](daviddrysdale/python-phonenumbers@v9.0.29...v9.0.30)

Updates `requests` from 2.33.1 to 2.34.0
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.1...v2.34.0)

Updates `twilio` from 9.10.5 to 9.10.9
- [Release notes](https://github.com/twilio/twilio-python/releases)
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md)
- [Commits](twilio/twilio-python@9.10.5...9.10.9)

---
updated-dependencies:
- dependency-name: gitpython
  dependency-version: 3.1.50
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: phonenumbers
  dependency-version: 9.0.30
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: requests
  dependency-version: 2.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: twilio
  dependency-version: 9.10.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants